<div align="Center">
<p><b>Lesson Plan Title:</b> How to Perform Cross Site Scripting
(XSS)</p>
</div>
<p><b>Concept / Topic To Teach:</b></p>
<!-- Start Instructions -->
It is always a good practice to scrub all inputs, especially those
inputs that will later be used as parameters to OS commands, scripts,
and database queries. It is particularly important for content that will
be permanently stored somewhere. Users should not be able to create
message content that could cause another user to load an undesirable
page or undesirable content when the user's message is retrieved.
<br>
XSS can also occur when unvalidated user input is used in an HTTP
response. In a reflected XSS attack, an attacker can craft a URL with
the attack script and post it to another website, email it, or otherwise
get a victim to click on it.
<!-- Stop Instructions -->
<p><b>General Goal(s):</b></p>
For this exercise, you will perform a stored XSS attack.
You will also implement code changes in the database to defeat
these attacks.
<br>

